Ad.YieldManger.com [CLOSED]

kankaras

Posted 29 June 2005 - 09:00 AM

I followed the instructions provided in "Do you suspect a malware?"...I have downloaded and followed the instructions for CleanUp, Ad-aware SE, CWShredder, Spybot S&D, Trend Housecall and TDS-3...I also ran an Anti Virus program...I also rebooted my system before creating this log...some of the programs listed above did state that they were unable to delete some "infected" files since they were currently in use...I would appreciate any help in reviewing this list and letting me know what can be deleted...Thanks!!

Guest_thatman_*

Posted 29 June 2005 - 10:04 AM

Please read through the instructions before you start (you may want to print this out).

Please set your system to show all files; please see here if you're unsure how to do this.

Please download and install AD-Aware. Check here on how to set up and use it - please make sure you update it first. Don't run yet.

Download Pocket Killbox and unzip it; save it to your Desktop. We may need it later.

Download Ewido Trojan and malware remover: http://www.ewido.net/en/download/

This setup contains the free as well as the plus-version of the ewido security suite. After the installation, a free 14-day test version containing all the extensions of the plus-version will be activated. At the end of the test phase, the extensions of the plus version are deactivated and the freeware version can be used unlimited times. The purchased license code of the plus version can be entered at any time.

Ewido will auto-update. Don't run yet.

Important Step 1. Go to Start->Run and type "Services.msc" (without quotes) then hit Ok.

Scroll down and find the service called: WebSeach Toolbar support NT service (TBPSSvc)

When you find it, double-click on it. In the next window that opens, click the Stop button, then click on properties and under the General Tab, change the Startup Type to Disabled. Now hit Apply and then Ok and close any open windows. If you don't find this service listed go ahead with the next steps.

Reboot into Safe Mode: please see here if you are not sure how to do this.

Clean out temporary and TIF files. Go to Start > Run and type in the box: cleanmgr. Let it scan your system for files to remove. Make sure all are checked and then press *ok* to remove:

Double click on the cwsserviceremove and when asked to merge say yes

Run CW-Shredder - Hit the FIX button - let it run and fix what it finds.

Run killbox and click the radio button that says Delete a file on reboot. For each of the files you could not delete, paste them one at a time into the full path of file to delete box and click the red circle with a white cross in it. The program will ask you if you want to reboot; say No each time until the last one has been pasted in whereupon you should answer Yes.

C:\PROGRA~1\Toolbar\TBPSSvc.exe
C:\WINNT\system32\wzcagent.exe
C:\WINNT\system32\kmumhk.exe
C:\PROGRA~1\Toolbar\PIB.exe
c:\PROGRA~1\Toolbar\radio.exe
C:\WINNT\system32\wzcagent.exe
C:\WINNT\system32\wsnme.exe
C:\WINNT\cfgmgr52.dll
C:\WINNT\system32\exp.exe

Let the system reboot.

Please download, install and run this disk cleanup utility called Cleanup version 4.0!: http://downloads.ste...p/CleanUp40.exe

It will get rid of any malware which may be hiding in your temp folders (a common hiding place). You will also regain a massive amount of disk space. Here is a tutorial which describes its usage: http://www.bleepingc...tutorial93.html

Check the custom settings to your liking under options, but be sure to delete temporary files and temporary internet files for all user profiles. Also, clean out the prefetch folder and the recycle bin.

When the scan has finished, click the close button.

When prompted, the system will log off to let it clean out the remaining files. When the log screen shows, log back on and continue the fix.

kankaras

Posted 29 June 2005 - 12:22 PM

kankaras

Posted 29 June 2005 - 12:43 PM

Here is a question for you...I cannot get into Safe Mode...it asks for the username and password...the one that I have been given does not work...and I checked Caps Lock and all...should I continue with Ewido full scan, spifix and the other instructions if I am not in safe mode...keep in mind, this terminal is connected to a network...